I don’t think any of us [developers] have seen encryption implemented so poorly before, which is why it’s hard to describe why it’s such a big threat to security.

It is kind of like storing all your secret messages right next to the secret decoder ring.

Apple also claimed that the new iPhone 3GS is more enterprise friendly. On the contrary, according to Zdziarski, the new iPhone 3GS encryption fails in protecting sensitive information such as credit card numbers and social-security digits. Infact, it is as easy to access illegal private information just as it was on iPhone 3G or iPhone – while both didn’t feature encryption. Live data can be extracted in hardly two minutes, while a complete raw disk image can be made in about 45 minutes.

Zdziarski says:

To steal an iPhone’s disk image, hackers can use popular jailbreaking tools such as Red Sn0w and Purple Ra1n to install a custom kernel on the phone. Then, the thief can install an Secure Shell (SSH) client to port the iPhone’s raw disk image across SSH onto a computer.

Zdziarski also added that it’s all upto the app developers to add security to their apps because the encryption is of no help here:

If they’re relying on Apple’s security, then their application is going to be terribly insecure,Apple may be technically correct that [the iPhone 3GS] has an encryption piece in it, but it’s entirely useless toward security.

With so many security issues highlighted and so many criticisms; its a blow on the face of Apple!

Will this harm the image of Apple? Will its users stop trusting it? Will you stop trusting Apple?

Lance Kidd, chief information officer of the Halton company said:

…Our culture is such that our general manager is saying, ‘I’m willing to take the risk for the value of the applications..

Are YOU willing to take this risk?

Does the fancy apps of the iPhone matter to you more than security of your personal information?

Dear Sir,
Your information was quite useful.I have got a dealer in the UK who is selling me the unlocked version of the iphone 3gs 16GB at just 199$ and he claims that it can run on any sim card & in any country.
He is also offering me 1 iphone 3GS 16Gb free along with the two iphone 3GS that i am buying.
I will personaly be goin to the shop for buying it.Is that iphone genuine or its the duplicate of iphone?
Please let me know what to check in that phone to ensure that my cell is a genuine one and not the duplicate one.
Thank You.

zaphodak42

Wow. I suppose that it's a-okay that I didn't enable this in iTunes, then. Infant featuritus, meet the iPhone.

zaphodak42

Wow. I suppose that it's a-okay that I didn't enable this in iTunes, then. Infant featuritus, meet the iPhone.

Pejmon H.

The only way to access an iPhone's data is if the phone has been synced with the computer at least once with the phone unlocked (passcode), if it hasn't been synced with that computer and is passcode locked, there is no way to access the data through the means of redsn0w, purplera1n, blackra1n, and on… you can, through keystrokes, place the phone in restore mode, then restore the phone to a fresh installation of the iPhone OS, but you lose any data previously on the device.

Pejmon H.

The only way to access an iPhone's data is if the phone has been synced with the computer at least once with the phone unlocked (passcode), if it hasn't been synced with that computer and is passcode locked, there is no way to access the data through the means of redsn0w, purplera1n, blackra1n, and on… you can, through keystrokes, place the phone in restore mode, then restore the phone to a fresh installation of the iPhone OS, but you lose any data previously on the device.